I think malware is a term that describes all malicious software from adware all the way up to viruses that can steal and delete data and replicate across the network. If the creators named it iWorm, they clearly think it is very nasty indeed.
I agree the infected users are likely self inflicted but in a way Apple is responsible because they have created a false sense of security that Macs are not susceptible to viruses. Then the users go clicking on phishing links because they are naive or just stupid.
No it would still exist, but not actually infect very often. Kinda like now but even less effective.
It would exist in the sense that it could potentially be written, just as someone could potentially write a bash script for OS X that purports to "Speed up your Mac 10x" but actually does "sudo rm -rf /". But there wouldn't be much incentive to spend the effort on writing it if people were smart enough to not fall for social engineering.
When a malicious file is downloaded (via Safari at least), OS X warns that the file is dangerous. When trying to open the file, the warning that it's not signed appears again, forcing the user to right-click and open, unless Gatekeeper is off that is.
Of course if the user has disabled Gatekeeper, they've only really got themselves to blame.
When a malicious file is downloaded (via Safari at least), OS X warns that the file is dangerous. When trying to open the file, the warning that it's not signed appears again, forcing the user to right-click and open, unless Gatekeeper is off that is.
Of course if the user has disabled Gatekeeper, they've only really got themselves to blame.
The only thing I find of substance is over at ArsTechnica. While they too say the method of distribution isn't detailed:
"its “dropper” program installs the malware into the Library directory within the affected user’s account home folder, disguised as an Application Support directory for “JavaW." The dropper then generates an OS X .plist file to automatically launch the bot whenever the system is started.."
Perhaps it needs no user input? The whole thing is a little confusing and not well explained at all. Again I doubt it's an issue general Mac users should really worry about. Even the other tech sites are giving the story relatively short shrift.
Summary: Rides along with pirated copies of Photoshop and similar popular downloads from Usenet and Bittorrent. In the example, it did declare that it was from an unknown developer, but you would kind of expect this when you're installing something intended to bypass / override a developer's formal installation.
According to the article, It does not spread on its own.
Based on this, it's a simple trojan attached to pirated software. If the developers were really clever, they'd infect torrents of pirated antivirus to catch people a second time.
Summary: Rides along with pirated copies of Photoshop and similar popular downloads from Usenet and Bittorrent. In the example, it did declare that it was from an unknown developer, but you would kind of expect this when you're installing something intended to bypass / override a developer's formal installation.
According to the article, It does not spread on its own.
Based on this, it's a simple trojan attached to pirated software. If the developers were really clever, they'd infect torrents of pirated antivirus to catch people a second time.
Sounds plausible, except for the part about Apple users stealing software,
That's reminds me about a new customer that came by this week. Wanted some images he had taken from the web and Photo-shopped printed up. He mentioned himself that he used a pirated version, but explained it was OK since he never needed it before now and might not really use it very much. Not worth buying in his view and he wasn't looking at it as stealing I guess.
You know, I first thought that here we go with another overblown, irrational, fanatical Apple bashing pogrom. Then it dawned on me that this is how our current culture works in the U.S. Think about the Ebola crap now being debated to insanity 24/7/365 on every medium you can think of with talking heads dispensing punditry till your head explodes. Same goes for the ISIL coverage. Turns out the tech universe is a microcosm of the overall culture of our time, just shit storm after shit storm being manufactured by bloviating narcissists who dare to call themselves journalists or tech writers. Add to it all the insane, psychotic, pathological mindset that if you read it on the Internet it MUST be true.
And “bend-gate?” If you go to Apple’s discussion forums and look at the iPhone threads there’s almost NOTHING to see in this regard but hey, some guy made a YouTube video and that’s the definitive source?
I recently bought a bottle of Casamigos añejo tequila for sipping while I read this crap. It’s really good and you get a different perspective after a shot or two or three.
Summary: Rides along with pirated copies of Photoshop and similar popular downloads from Usenet and Bittorrent. In the example, it did declare that it was from an unknown developer, but you would kind of expect this when you're installing something intended to bypass / override a developer's formal installation.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
The worse virus I'Ve ever had is when I used a program on infected floppy in 1994 (it had the monkey boot sector virus, a nasty peace of work that spread like wild fire!). Almost all our floppies at work were infested (I wasn't in charge of security) and we lost 3 computers that way.
Oh man, had that too a few years before that. System 6.0.8 IIRC. Got infected from a single floppy we had returned to us from a print shop, same results. When it's late at night and you're tired and a file disappears or renames itself you think you're just getting punchy. Symantic Tools and a day or two of doing nothing but passing discs around, reformatting and reinstalling put us back on track, but what a nightmare.
At the time we didn't think of ourselves as computer people. We were doing our craft and the Mac Pluses and SEs were just the tools. But after that we started allowing a part of our brain to be occupied by good computer conduct. Now, sadly, it's 75% of it with only 25% left for what we're using them for.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
Are you kidding me? There are surely many,many times more than 17k users of popular pirated software. Photoshop is still expensive ($600+) as a one time purchase when you could do that, and now pricey for some at $10/mo. What's surprising is that with all of the low-cost alternatives available today (Pixelmator, Acorn, Photoshop Elements) you'd still pirate; particularly since the vast majority of those pirating PS surely don't use the features that differentiate it from the low-cost alternatives.
I wish AI would simply put one sentence into the article stating that you have to download and install this software with a password.
Except these so-called techies have no idea what they are talking about. The Flashback.K variant, which was a java exploit, was able to install itself in OS X without an administrator password.
Now, sadly, it's 75% of it with only 25% left for what we're using them for.
Which is really sad and a problem that has to be solved. That is where I think the App Store can help long term. If operating systems refuse to run any program that did not come from the app store, then malware email attachments and such will not run even if people click on them. Then people can get back to using their computers to actually get things done instead of worry about security all the time. But it requires software vendors to get on board, and support the App Stores on the various platforms: the Mac App Store for Apple and the Windows Store for Microsoft.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
I don't think a lower cost of apps has any effect on piracy. For nearly all of the people who use pirated apps (or media or anything) if it can be acquired for nothing it will be done. Doesn't matter if the legit version costs $500 or $50, that just alters their rationalizing of it a bit. The harder it is to get pirated apps the less widespread they will be. As long as they are available easily the borderline downloader will always just do it regardless of any other factors.
I don't think a lower cost of apps has any effect on piracy. For nearly all of the people who use pirated apps (or media or anything) if it can be acquired for nothing it will be done. Doesn't matter if the legit version costs $500 or $50, that just alters their rationalizing of it a bit. The harder it is to get pirated apps the less widespread they will be. As long as they are available easily the borderline downloader will always just do it regardless of any other factors.
I don't think that's true, I think the primary factor is laziness/ease. Currently it's much easier to torrent an app than go to the store and buy a boxed copy. Or even to search the web, find a legitimate digital copy, figure out whatever god awful third party payment system they're using, maybe create an account on that site, then leave your chair to get your wallet with your credit card details, blah blah blah, what a hassle.
But if your very OS has a built-in app store, and your credit card details are already saved in there, and software is cheap and only 1 click away, then suddenly that's the easiest way, and I think in that situation you get a lot of people buying the legit version.
My MacBook Pro was infected by something. With Safari browser, when I click a link from a link like the comments in this article another web page will open in another tab. When I try to open a link in a Gmail email Safari will not open it saying a popup blocker may be preventing the application from opening the page. I tried to do all kinds things from Safari Preferences. I could not return Safari to the previous state.
I am forced to use Firefox to avoid these annoyances. Firefox does not exhibit this problem.
Sounds like adware, Search for componets such as Genieo, Spigot, Conduit, MacKeeper.
I believe there is a freeware application called AdwareMedic that will remove them for you, then again, if you are running the latest Mac OS and keeping it up to date, you shouldn't have these pests onboard your OS.
Where does Apple state that Mac OS X isn't susceptible for Mac OS X viruses?
Mac OS X (since at 10.4 Tiger?) even has a dynamically updated anti-malware tool for looking for, warning and removing malware. That is proof that Mac OS X can be infected with malware and it comes right from Apple thereby proving your argument false. I would bet we'll see their database updated to look for this new iWorm soon since the database is updated daily.
There have been no true OS X viruses in the wild, however, there are a couple of proof of concept viruses created in security labs. One is Macarena, the other is Clapzok.A, which is really a variant of the former.
I love it that a long time member calls me out for the stupidest post of the day because it only serves to confirm that my comments touched a nerve with the Apple fan base, I consider that a win.
You consider being stupid a win? I have news for you: that makes you genuinely stupid.
Your statement was not only completely irrelevant to Apple, it–and the rest of the dreck you consider discussion in this thread–serves to out your ignorance and pointlessness.
Why are you here if not to disparage Apple? You don’t care about fact or truth; why should you keep posting?
Comments
This wins the Stupid Post of the Day Award.
No it would still exist, but not actually infect very often. Kinda like now but even less effective.
It would exist in the sense that it could potentially be written, just as someone could potentially write a bash script for OS X that purports to "Speed up your Mac 10x" but actually does "sudo rm -rf /". But there wouldn't be much incentive to spend the effort on writing it if people were smart enough to not fall for social engineering.
When a malicious file is downloaded (via Safari at least), OS X warns that the file is dangerous. When trying to open the file, the warning that it's not signed appears again, forcing the user to right-click and open, unless Gatekeeper is off that is.
Of course if the user has disabled Gatekeeper, they've only really got themselves to blame.
"its “dropper” program installs the malware into the Library directory within the affected user’s account home folder, disguised as an Application Support directory for “JavaW." The dropper then generates an OS X .plist file to automatically launch the bot whenever the system is started.."
Perhaps it needs no user input? The whole thing is a little confusing and not well explained at all. Again I doubt it's an issue general Mac users should really worry about. Even the other tech sites are giving the story relatively short shrift.
This article has details on (at least one) method of infection: http://www.thesafemac.com/iworm-method-of-infection-found/
Summary: Rides along with pirated copies of Photoshop and similar popular downloads from Usenet and Bittorrent. In the example, it did declare that it was from an unknown developer, but you would kind of expect this when you're installing something intended to bypass / override a developer's formal installation.
According to the article, It does not spread on its own.
Based on this, it's a simple trojan attached to pirated software. If the developers were really clever, they'd infect torrents of pirated antivirus to catch people a second time.
Sounds plausible, except for the part about Apple users stealing software,
That's reminds me about a new customer that came by this week. Wanted some images he had taken from the web and Photo-shopped printed up. He mentioned himself that he used a pirated version, but explained it was OK since he never needed it before now and might not really use it very much. Not worth buying in his view and he wasn't looking at it as stealing I guess.
You know, I first thought that here we go with another overblown, irrational, fanatical Apple bashing pogrom. Then it dawned on me that this is how our current culture works in the U.S. Think about the Ebola crap now being debated to insanity 24/7/365 on every medium you can think of with talking heads dispensing punditry till your head explodes. Same goes for the ISIL coverage. Turns out the tech universe is a microcosm of the overall culture of our time, just shit storm after shit storm being manufactured by bloviating narcissists who dare to call themselves journalists or tech writers. Add to it all the insane, psychotic, pathological mindset that if you read it on the Internet it MUST be true.
And “bend-gate?” If you go to Apple’s discussion forums and look at the iPhone threads there’s almost NOTHING to see in this regard but hey, some guy made a YouTube video and that’s the definitive source?
I recently bought a bottle of Casamigos añejo tequila for sipping while I read this crap. It’s really good and you get a different perspective after a shot or two or three.
Summary: Rides along with pirated copies of Photoshop and similar popular downloads from Usenet and Bittorrent. In the example, it did declare that it was from an unknown developer, but you would kind of expect this when you're installing something intended to bypass / override a developer's formal installation.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
The worse virus I'Ve ever had is when I used a program on infected floppy in 1994 (it had the monkey boot sector virus, a nasty peace of work that spread like wild fire!). Almost all our floppies at work were infested (I wasn't in charge of security) and we lost 3 computers that way.
Oh man, had that too a few years before that. System 6.0.8 IIRC. Got infected from a single floppy we had returned to us from a print shop, same results. When it's late at night and you're tired and a file disappears or renames itself you think you're just getting punchy. Symantic Tools and a day or two of doing nothing but passing discs around, reformatting and reinstalling put us back on track, but what a nightmare.
At the time we didn't think of ourselves as computer people. We were doing our craft and the Mac Pluses and SEs were just the tools. But after that we started allowing a part of our brain to be occupied by good computer conduct. Now, sadly, it's 75% of it with only 25% left for what we're using them for.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
Are you kidding me? There are surely many,many times more than 17k users of popular pirated software. Photoshop is still expensive ($600+) as a one time purchase when you could do that, and now pricey for some at $10/mo. What's surprising is that with all of the low-cost alternatives available today (Pixelmator, Acorn, Photoshop Elements) you'd still pirate; particularly since the vast majority of those pirating PS surely don't use the features that differentiate it from the low-cost alternatives.
Thanks, techies.
I wish AI would simply put one sentence into the article stating that you have to download and install this software with a password.
Except these so-called techies have no idea what they are talking about. The Flashback.K variant, which was a java exploit, was able to install itself in OS X without an administrator password.
http://arstechnica.com/apple/2012/04/mac-trojan-exploits-unpatched-java-vulnerability-no-password-needed/
Now, sadly, it's 75% of it with only 25% left for what we're using them for.
Which is really sad and a problem that has to be solved. That is where I think the App Store can help long term. If operating systems refuse to run any program that did not come from the app store, then malware email attachments and such will not run even if people click on them. Then people can get back to using their computers to actually get things done instead of worry about security all the time. But it requires software vendors to get on board, and support the App Stores on the various platforms: the Mac App Store for Apple and the Windows Store for Microsoft.
Wow, there are 17K users using pirated Photoshop or other apps? That surprises me, software isn't that expensive these days. 10 years ago there was a lot of app piracy but I thought these days not so much.
I don't think a lower cost of apps has any effect on piracy. For nearly all of the people who use pirated apps (or media or anything) if it can be acquired for nothing it will be done. Doesn't matter if the legit version costs $500 or $50, that just alters their rationalizing of it a bit. The harder it is to get pirated apps the less widespread they will be. As long as they are available easily the borderline downloader will always just do it regardless of any other factors.
I don't think a lower cost of apps has any effect on piracy. For nearly all of the people who use pirated apps (or media or anything) if it can be acquired for nothing it will be done. Doesn't matter if the legit version costs $500 or $50, that just alters their rationalizing of it a bit. The harder it is to get pirated apps the less widespread they will be. As long as they are available easily the borderline downloader will always just do it regardless of any other factors.
I don't think that's true, I think the primary factor is laziness/ease. Currently it's much easier to torrent an app than go to the store and buy a boxed copy. Or even to search the web, find a legitimate digital copy, figure out whatever god awful third party payment system they're using, maybe create an account on that site, then leave your chair to get your wallet with your credit card details, blah blah blah, what a hassle.
But if your very OS has a built-in app store, and your credit card details are already saved in there, and software is cheap and only 1 click away, then suddenly that's the easiest way, and I think in that situation you get a lot of people buying the legit version.
I believe there is a freeware application called AdwareMedic that will remove them for you, then again, if you are running the latest Mac OS and keeping it up to date, you shouldn't have these pests onboard your OS.
This wins the Stupid Post of the Day Award.
I love it that a long time member calls me out for the stupidest post of the day because it only serves to confirm that my comments touched a nerve with the Apple fan base, I consider that a win.
You consider being stupid a win? I have news for you: that makes you genuinely stupid.
Your statement was not only completely irrelevant to Apple, it–and the rest of the dreck you consider discussion in this thread–serves to out your ignorance and pointlessness.
Why are you here if not to disparage Apple? You don’t care about fact or truth; why should you keep posting?
Hogwash! First of all, I was there too and there were no Mac-related viruses/trojans in the early 1980's.
Ok good point. I got my dates off by a few years but we had tons of Mac viruses in the early years